Oct 13, 2020 / 20:58

EP 07: Hacking the Chrome Sandbox

In 1994, the first commercial internet browser was released. Netscape Navigator went on to be eclipsed by Internet Explore, Safari, Firefox, and now Chrome, but it helped kick start the internet-focused world we live in today. And along with that we’ve also learned a lot about browser security.


No matter how strong we build our browsers, that does not prevent hackers from trying to break new things. In this episode, one researcher explains how he successfully escaped the Chrome sandbox, and how bug bounties might just be a good thing resulting in better security for us all. 

If you think hacking only involves the use of a keyboard or code, then you’re probably missing out. What about using light? What about using sound?

In this episode, The Hacker Mind looks at some of the work Dr. Kevin Fu has been doing at the University of Michigan -- in particular using laser pointers to pwn voice-activated digital assistants, and using specific frequencies of sound to corrupt or crash magnetic hard disk drives.

In the infosec world, blue team hackers are hands down the more elite--and why not? They are defending the crown jewels, 24/7. They have to think of every attack vector. And the red team? They only have to be right once.

Game Theory is an important part of the underlying strategy used by hackers when playing attack and defend Capture the Flag. It’s thinking how your opponent might respond to an event and then planning for it. Knowing when to patch and when not to was part of the winning strategy behind DARPA’s 2016 Cyber Grand Challenge, which was modeled off the DEF CON CTF. 

But what happened the day after CGC at DEF CON 24? That was the day the very best human CTF hackers were invited to play against the winner of CGC, a computer reasoning system named Mayhem. This episode of The Hacker Mind starts to answer the question, can a machine really think like a hacker?

DARPA’s Cyber Grand Challenge in 2016 showed the world what's coming -- autonomous adversaries -- and raised serious questions. How can organizations react to something that makes decisions in milliseconds? How can you still have humans in the loop when reaction time is key? And how can organizations defend or stop something that increases its own cyber capabilities autonomously?


In this episode we go behind the scenes for the first and only completely autonomous capture the flag competition at DEF CON 24 with Team ForAllSecure.

After winning DEF CON's annual Capture The Flag (CTF) competition five of the last seven years, the Plaid Parliament of Pwning (PPP) returns as reigning champions but under very different conditions because of COVID 19. So, how is the team preparing?  


In this The Hacker Mind episode, one of PPP's members, Zaratec, tells how she first joined PPP, how the team is making changes for this year's online CTF final, and what skills she’s learned from CTFs in general that apply to real-world infosec jobs.

In this inaugural episode, The Hacker Mind looks at why the West Point Military Academy, and other organizations within the DoD, is training its young cadets to hack. The answer? To help fill a critical shortage of infosec experts that is only getting worse.


This is the story of how DARPA created a series of capture the flag contests to train and define infosec talent at the U.S. military academies, and how one young cadet joined a team of competitive hackers at West Point.

Jul 15, 2020 / 01:55

EP 00: The Hacker Mind (Promo)

Welcome to Hacker Mind, an original podcast from ForAllSecure. It’s about solving software security problems through advanced fuzz testing technology. 

In each episode, host Robert Vamosi shares stories from the individuals who are influencing the world of software security, and the real world impact that is having in our cars, our planes, our weapons systems, and in our mobile phones and browsers.